Such clocks are used by power utilities to monitor the flow and usage of electricity across the network in real time. A power grid with many substations will have a clock in each substation, providing a precise timestamp for every piece of data sent back to the grid control center.

Precision timing is essential to power grid management
The nanosecond-level precision of the timestamp enables the utility to monitor the performance of the entire grid in real time. That data can then be used to guide grid management decisions, such as how to address an identified fault, or whether to increase or decrease the supply of electricity to a particular region of the network.

To achieve the required level of timing precision, the clock at each substation relies on data from GPS satellites, whose on-board atomic clocks continuously relay precise time information to the ground.

Substation clocks can be 'spoofed' by fake GPS signals
It stands to reason, then, that if someone were able to broadcast a 'fake' GPS signal to a substation clock, fooling the clock into believing it was a different time, this could disrupt the flow of accurately-timed data to the control center.

This kind of attack, in which a technically-minded individual with the right sort of equipment contrives to broadcast a fake GPS signal—whether through malice, mischief, curiosity or accident—is known as GPS spoofing.

And while GPS spoofing is an extremely rare occurrence today, the increasing reliance of everything from power grids to financial trading systems on precise timing data from navigation satellites means we're certain to see it emerge as a new form of critical infrastructure hacking.

GPS spoofing could disrupt the power supply network
Hacking a power network using GPS time spoofing could have serious ramifications, whether the effect is to alter or disrupt the flow of electricity or even to mask abnormal activity on the grid. So it's unsurprising that this particular substation clock vulnerability was given a 5.4 'medium threat' score by the US Department of Homeland Security's Industrial Controls Systems Cyber Emergency Response Team (ICS-CERT).

At the same time, it's important to note that the vulnerability was apparently reported to the public US National Vulnerabilities Database by the clock vendor itself, and there is nothing to suggest that any spoofing attempt has ever taken place at any electricity substation using the clock. The vendor seems reasonably untroubled by the vulnerability, and says it will continue to sell the affected model. In the highly unlikely event of a successful spoofing attack on a substation, it says, the utility can simply remove and replace the clock's receiver battery to restore precise timekeeping.

Protect against GPS spoofing
Power utility operations managers, however, may not find this advice as reassuring as the clock manufacturer might hope. So, in the spirit of 'prevention is better than cure', is there anything they – and indeed, the clock manufacturers themselves – can do to protect themselves against potential spoofing attacks before they happen?

The good news is, yes there is – and the manufacturer in question has already addressed it in newer models of its clock. The newer model of the clock has multi-constellation GNSS support. In other words, rather than just depending on GPS for its time, the new clock can also obtain timing information from other GNSS constellations such as Russia's GLONASS or China's Beidou. This makes it more difficult for a spoofer to successfully inject a fake signal into the system.

While multi-GNSS support isn't the only way to protect precise timing systems from spoofing attacks, it is a straightforward way of increasing robustness. Over the next months and years we would expect to see multi-GNSS support become a more common feature of any device used for precision timekeeping in critical systems.

As hackers become more sophisticated, so too must the power industry
But as we know from the computer industry, hackers become more sophisticated over time, and therefore so too must our collective awareness of their capabilities—and the measures taken by manufacturers and systems integrators to guard against them.

Maintaining vigilance – and publicly reporting known vulnerabilities so that others may also be aware of them and take appropriate preventative measures – are essential behaviors in a world where GNSS interference has the potential to disrupt power grids and other critical infrastructure.By: Guy Buesnel - 4/29/2015 2:03:18 PMTags: Spoofing